Someone automatically added me as a friend

pawnstogo

I never received a friend request, and never sent one. How can someone just add me to their friends list? I already removed the person.

DAILYWATERSITTING

Don't tell him if you don't have an OTB rating. It will remain a secret...

pawnstogo
please_let_me_win wrote:

Maybe they think you're someone that you're not

Nothing to do with that at all. When you add someone, I should get an alert, and I can choose to decline or accept their request. But this person just added me.

richb8888

o

samtoyousir

Lol apparently there's a glitch. Idk what it is, but people added themselves to friends of cheater_1 even though he's closed. XD

pawnstogo

I guess I shouldn't think much of it. This site is full of bugs anyhow.

netzach

Only the F.B.I. have the powers to do that friend trick.

They must be checking you out...

DAILYWATERSITTING

LongIsland, pawns can become 8 queens...don't bully the troll

samtoyousir

lol you should have done the otb rating thing... disappointed in you.

RonaldJosephCote

You have no friends, maybe somebody felt sorry for you.

RonaldJosephCote

You can't be a spy without friends, and rumor has it, you're spying for staff. All the staff has you on their friends list. There's members, trolls, friends, enemies, spies, thieves. The list is posted. What other list are you on??

kleelof
RonaldJosephCote wrote:

You can't be a spy without friends, and rumor has it, you're spying for staff. All the staff has you on their friends list. There's members, trools, friends, enemies, spies, thieves. The list is posted. What other list are you on??

Is a 'trool' like a troll and a tool all wrapped up in one?

Funny, I would think PTG would be happy to have a friend no matter how it happened.

RonaldJosephCote

Wait a minute! What makes you think it was automatic?? They may have mulled over the idea for a few days.

DiogenesDue

I'm guessing it has something to do with the lax way that chess.com handles their URLs.  You can get to all kinds of content you shouldn't be able to just by changing the parameters at the end of the URLs.  Group content from groups you don't belong to, info about banned accounts you're not supposed to be able to see anymore, etc.

There are several ways to fix this, but perhaps the fastest bandaid is just adding checksum keys to each parameter, so each URL parameter becomes a key/value pair instead of a single plain text parameter anyone can change at will.  Even a combined checksum for the entire URL would work okay.  It would still be breakable, but the average user would not be able to figure out the proper checksum to change to, and even for those who could figure it out, it would take them a lot longer than it does currently ;).

Let's just pray they are more secure in the SQL injection attack arena.

I'm hoping V3 is fixing this rather large issue and that's why it has been allowed to continue this long ;).
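The "combined checksum for the entire URL" idea from the post above, as an added example that is not part of the original thread and is not chess.com's code. It assumes a keyed HMAC-SHA256 tag in place of a plain checksum (a plain checksum can be recomputed by anyone), and the path, parameter name, key and membership table are constructed for illustration.

```python
import hashlib
import hmac
from urllib.parse import urlencode, urlsplit, parse_qsl

# Constructed key for the demo; a real deployment loads it from a secret store.
SECRET_KEY = b"demo-only-key-not-from-the-page"

def _mac(path, pairs):
    # Canonicalise: sort parameters so their order cannot change the tag.
    msg = (path + "?" + urlencode(sorted(pairs))).encode()
    return hmac.new(SECRET_KEY, msg, hashlib.sha256).hexdigest()

def sign_url(path, params):
    """Return path?params&sig=<HMAC over the path and all parameters>."""
    items = sorted(params.items())
    return f"{path}?{urlencode(items)}&sig={_mac(path, items)}"

def verify_url(url):
    """Return the parameters if the tag matches, else None."""
    parts = urlsplit(url)
    pairs = parse_qsl(parts.query, keep_blank_values=True)
    sigs = [v for k, v in pairs if k == "sig"]
    rest = [(k, v) for k, v in pairs if k != "sig"]
    if len(sigs) != 1:
        return None  # unsigned, or more than one tag supplied
    if len({k for k, _ in rest}) != len(rest):
        return None  # duplicated parameter names are ambiguous, reject
    expected = _mac(parts.path, rest)
    if not hmac.compare_digest(sigs[0].encode(), expected.encode()):
        return None
    return dict(rest)

# Constructed membership table standing in for the site's database.
GROUP_MEMBERS = {"42": {"alice"}, "43": {"bob"}}

def view_group(url, session_user):
    """Handler sketch: integrity check first, then the authorization check."""
    params = verify_url(url)
    if params is None:
        return 400  # tampered or unsigned URL
    if session_user not in GROUP_MEMBERS.get(params.get("group_id"), set()):
        return 403  # link is genuine, but this user is not a member
    return 200
```

The tag only stops a user from editing the parameters; a genuine signed link passed to a non-member is still refused solely because of the per-user membership check in `view_group`.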

DiogenesDue

Sounds like you've swallowed a Scrabble board.

It would sound that way to you, yes.

Here's some links so you can catch up and comprehend the post:

http://en.wikipedia.org/wiki/Uniform_resource_locator

http://en.wikipedia.org/wiki/Parameter_(computer_programming)

http://en.wikipedia.org/wiki/Checksum

http://en.wikipedia.org/wiki/Attribute%E2%80%93value_pair

http://en.wikipedia.org/wiki/SQL

http://en.wikipedia.org/wiki/SQL_injection

No link for "V3", which is chess.com's designation for their new interface, currently in development/testing.

ghillan

maybe this guy just changed his nickname and suddenly you saw a new "friend".

GREG13S

Good Morning 

how can I call my friends to play chess 30 minutes

which is the procedure please

kindly i wait for your answer

regards

greg

SocialPanda

greg: go to live chess, click on the tab "friends", click in the name of your friend (right click I think) and choose "challenge".